Abuse procedures... Reality Checks

J. Oquendo sil at infiltrated.net
Fri Apr 13 11:15:52 UTC 2007


Last post for me on this thread... Dirty Networking 101

So the other morning I found a contact for a company who'll for
now remain unnamed, this contact is on this group... Sent them
yet another message (3 this week):

<new message>
To whom it may concern,

One of my servers has been heavily under attack for the past 24
hours from your IP space. There were 10726 attempts to log into
my VoIP server within the last 24 hours. Please sanitize this
machine from your network. Attached is the logfile.
</new message>

10726 attacks in a variety of forms. Why should I NOT ban this
network and its clients from reaching my networks? Can someone
please help me understand the logic of being called something
akin to a crybaby, spoiled sport, unfair admin since I am now
going to block their /17?

On to semi-relevant news...

For those who care: Support Intelligence analyzed 22,000 ASNs
for every kind of eCrime including DDoS, Scanning, hosting
Malware, sending Spam, hosting a phish, or transmitting viruses
... 17 of the 100 networks listed are from ARIN. Six of the
seventeen are from Time Warner. 5 are from Comcast, 2 are from
Charter.

http://blog.support-intelligence.com/2007/04/doa-week-14-2007.html

That's their record. I now have 52 hosts dumping out syslog
records and can name about 30+ networks of which some of
the engineers from them are on this list. So what is there
left to do when points of contact fail miserably?

Maybe I will take a crack at writing a document based on the
amount of waste whether it's bandwidth, time or money in blocking
venomous hosts from my subnets. Costs, benefits, experience,
pros, cons.

-- 
====================================================
J. Oquendo
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743
sil . infiltrated @ net http://www.infiltrated.net

The happiness of society is the end of government.
John Adams